New server, deployment, CI/CD pipeline #907
Conversation
abandoned-prototype
force-pushed
the
new-deployment
branch
5 times, most recently
from
a3410a4
to
866a39f
Compare
| @@ -1,116 +1,17 @@ | |||
| # unused - remove file once circleCI integration is removed | |||
There was a problem hiding this comment.
I might be mistaken, but should this file now be removed assuming it encompasses a full shift away from CircleCI?
There was a problem hiding this comment.
Originally I removed it, but then CircleCI shows up as a failed test with "no config file found" which I thought was distracting (and maybe even blocking the PR, not sure), so now I will remove the file once I removed that integration
| @@ -24,7 +19,7 @@ jobs: | |||
| FLASK_APP: OpenOversight.app | |||
| strategy: | |||
| matrix: | |||
| python-version: [3.5, 3.6, 3.7, 3.8] | |||
| python-version: ["3.8", "3.9"] | |||
There was a problem hiding this comment.
Your PR vaguely mentioned eventually shifting to Python 3.11. Do we want to either add a bigger test matrix, or a comment saying we'll eventually expand the range here?
Also, on a similar note, I think it's worthwhile to specify the current Python version we're using in the Dockerhub description or tags or somewhere for issue traceability.
There was a problem hiding this comment.
It might be worth it to see how far you can push this matrix. See if 3.10 and 3.11 work in the repository's current state, etc.
There was a problem hiding this comment.
Yeah, originally I thought I could make it go to 3.11, but both 3.10 and 3.11 failed some tests (https://github.com/lucyparsons/OpenOversight/actions/runs/4391087165). Probably just a library that needs an update version or something, but I decided I shouldn't try to fix that in this PR.
Good point about specifying the currently used version! I will see where I can add that.
There was a problem hiding this comment.
I also added your second point now @onemec. The python version is set in the workflow file and will also be present in the tag used for the package as can be seen in the example here from my workflow-test branch: https://github.com/lucyparsons/OpenOversight/pkgs/container/openoversight/versions (dev-py3.9). Thanks for the suggestion!
|
Looks good to me overall, though I'll try to review in greater detail later this week. |
| @@ -1,3 +1,5 @@ | |||
| @use "sass:math"; | |||
There was a problem hiding this comment.
This plugin is so fresh!
| @@ -0,0 +1,3 @@ | |||
| yarn build | |||
There was a problem hiding this comment.
I'm not sure if it's absolutely necessary, but since you have it in the prod version, you should add #!/bin/bash to the top of this file.
It'd also be good to add comments on what it's doing like you did in the prod version.
There was a problem hiding this comment.
Good points, thanks! I added #!/bin/bash and made executable. Also added comments.
| @@ -1,14 +1,12 @@ | |||
| { | |||
| "devDependencies": { | |||
| "jquery": "1.9.1 - 3", | |||
There was a problem hiding this comment.
I appreciate that you were able to get rid of a good amount of plugins here, especially jquery. It's crazy how long that plugin has stuck around.
dockerfiles/web/Dockerfile-prod
Outdated
| @@ -0,0 +1,43 @@ | |||
| FROM python:3.8-slim-bullseye as base | |||
There was a problem hiding this comment.
I think some general comments here would be helpful.
There was a problem hiding this comment.
Agreed! I mostly copied this, but now looking at it again, I think I should be able to remove some of these packages. So I will do that first and then add comments why we need each of the remaining pieces.
There was a problem hiding this comment.
Added some comments now and removed the script that installs sqlite which is unused.
| @@ -0,0 +1,154 @@ | |||
| """ | |||
There was a problem hiding this comment.
Though many of these functions are quite intuitive, I think it'd be worthwhile to at least have some function level comments on them. You don't need to put parameter level comments, though I do prefer them, but I think we should have at least Class, function, etc. comments in place.
There was a problem hiding this comment.
Good suggestion. I added some doc-strings and task help which would show up when using invoke --help deploy for example
| @@ -0,0 +1,3 @@ | |||
| yarn build | |||
docker-compose.prod-img.yml
Outdated
|
|
||
| services: | ||
| web: | ||
| image: ghcr.io/lucyparsons/openoversight:${DB_IMAGE_TAG} |
There was a problem hiding this comment.
This doesn't seem to correspond to a database, should this be DOCKER_IMAGE_TAG instead?
There was a problem hiding this comment.
Good find, totally blanked here. Definitely should have DOCKER in the name, thanks!
tasks.py
Outdated
|
|
||
|
|
||
| def deploy_(c: Connection, config: HostConfig): | ||
| print("Start new deployment.") |
There was a problem hiding this comment.
I know it's a little bit more work, but I'd recommend converting these from print to log.info statements and setting up a basicConfig to log at INFO level by default. This would help provide timestamps for when each statement is issued (I've found myself shaking my fist at myself in the past for not having timestamps when using print 😅).
There was a problem hiding this comment.
Thank you, I agree that it is very important to have. Unfortunately python makes logging so weird by default (time is parsed with a comma instead of decimal for microseconds and in local time), so there are some extra lines to make it acceptable.
tasks.py
Outdated
| pwd = io.StringIO(config.github_token) | ||
| print("Get new production docker image.") | ||
| c.run( | ||
| f"docker login ghcr.io -u {config.github_user} --password-stdin", | ||
| in_stream=pwd, | ||
| echo=True, | ||
| ) |
|
|
||
| env: | ||
| image_name: lucyparsons/openoversight | ||
| # env_mapping: {"develop": "staging", "main": "prod"} |
There was a problem hiding this comment.
If these bits are gonna be commented out, I'd be game for just deleting them from the file.
There was a problem hiding this comment.
I had preferred to keep this in the code (not put it in a variable) but I somehow couldn't make that work. I left this here so it's easier to for people to make sense of it, even if they cannot see the variable settings (which might require admin rights to see, not sure)
tasks.py
Outdated
|
|
||
|
|
There was a problem hiding this comment.
Nit: I think it'd be worth getting rid of these two empty new lines.
There was a problem hiding this comment.
This (and various other nitpicky things) can be auto-fixed with pre-commit hooks (like end-of-file-fixer here) in case we care to standardize this, though definitely not urgent.
There was a problem hiding this comment.
Do we have a formatter in place right now?
There was a problem hiding this comment.
Yes, we do have pre-commit hooks in place, including the end-of-file-fixer (see https://github.com/lucyparsons/OpenOversight/blob/develop/.pre-commit-config.yaml) and they ran over this PR: https://github.com/lucyparsons/OpenOversight/actions/runs/4458996732/jobs/7831175755
These extra empty lines were in the middle of a file, not at the end
|
|
||
| @dataclass | ||
| class HostConfig: | ||
| """HostConfig collects various parameters for each deployment (prod, staging, etc)""" |
There was a problem hiding this comment.
Nit: Top line documentation comments should look like:
"""
HostConfig collects various parameters for each deployment (prod, staging, etc).
"""It's easier to read and is more standard from my understanding.
There was a problem hiding this comment.
The pydocstyle checker (part of our pre-commit check) appears to disagree. It's code D200 in this list https://www.pydocstyle.org/en/stable/error_codes.html
There was a problem hiding this comment.
Works for me in that case. It looks like it's good to go!
tasks.py
Outdated
| """Return a HostConfig based on given environment and github user and token. | ||
| Github user and token can be omitted if no connection to github is needed. | ||
| """ |
There was a problem hiding this comment.
Nit:
"""
Return a HostConfig based on given environment and github user and token.
Github user and token can be omitted if no connection to github is needed.
"""There was a problem hiding this comment.
The same goes for the rest of the docstrings.
There was a problem hiding this comment.
Changed this one (because it is multi-line)
|
|
||
|
|
||
| @task( | ||
| help={"environment": "'staging' or 'prod' indicating which environment to target"} |
There was a problem hiding this comment.
Nit: It looks like we use this string at least 3 times, so it'd be worth saving the key and value to a constant, imo.
There was a problem hiding this comment.
I was thinking about that. There is the downside of the help strings potentially not being updated if something changes, but the plus is that it is also a comment to anyone reading the code, so I am leaning to keep it as it is
* Add workflow to build image and push to ghcr.io * Append to workflow to also deploy image to staging/prod * Remove files for old deployment
abandoned-prototype
force-pushed
the
new-deployment
branch
from
2a812ec
to
ea618af
Compare
|
I did a force push to squash the commits from the code review into the original commit to be able to do a merge commit now and maintain the original cherry-picked commit from the OrcaCollective's fork without adding multiple tiny commits to the projects history. The "Compare" button (https://github.com/lucyparsons/OpenOversight/compare/2a812ec9acf6c71d21831cd466e04fbda646d7a3..ea618af46af03408159f125153a4a883ffe8d356) verifies the before and after are identical. |
Status
Ready for review
Description of Changes
Changes proposed in this pull request:
Notes for Deployment
Before merging, I actually need to change the name-server settings so that staging.openoversight.com points to the new server.
Tests and linting
I have rebased my changes on current
developpre-commitchecks pass